OurShop.com SSL Made Simple         

Straightforward Explanation of SSL and HTTPS.

OurShop.com E-Commerce Web Site Resources About Merchant Accounts About Domain Names About Web Hosts About Traffic Checklist
     About Us
OurShop.com SSL Made Simple
How does SSL work?
Quick SSL Fact:

Getting your own SSL certificate usually requires some coordination with your web host. A "certificate signing request" needs to be generated on your hosting server. This is normally done by the hosting company staff.

How does SSL work?
Quick SSL Fact 2:

Using an SSL certificate on your account requires the hosting account to have it's own IP address. Many hosting companies charge extra for this or only have IP addresses included in their higher packages. If you plan to use your own SSL certificate be sure your hosting package includes an IP address. (see our our hosting recommendations)

Shared SSL Certificates:
Some web site hosting companies have "shared" SSL certificates available. Using shared SSL certificates can be a good alternative to having your own. They can usually be easily integrated into your shopping cart and can save site owners the expense and effort of getting their own certificates. For more information on shared SSL certificates click here.

SSL web site hosting companies:
Most hosting companies allow for hosting your own SSL certificate. There is often an additional charge added to your monthly web site hosting fee for this. Our e-commerce web site hosting companies recommendations include SSL hosting with all packages at no additional cost other that a small setup fee.

Be sure to check SSL hosting fees before selecting an e-commerce web site hosting company.

More Resources: If you want more detail on items such as the cyphers used and how the behind the scenes validation works, click here to view Netscape papers or here for our detailed description.

Check out our new Amazon project
Click Here
With CarPartsMall.com

How does SSL work Navigation

How Does SSL Work?

SSL Walk-Through

1. SSL Request

2. Encrypt and Validate Certificate

3. Complete Handshake

SSL Provider Specific Information

Shared SSL Certificates

Recommended Reading

How does ssl work?

Simplified SSL - About Secure Sockets Layer and HTTPS

Information regarding specific SSL certificate providers can be found by clicking here.

Processing transactions securely on the web means that we need to be able to transmit information between the web site and the customer in a manner that makes it difficult for other people to intercept and read. SSL, or Secure Sockets Layer, takes care of this for us and it works through a combination of programs and encryption/decryption routines that exist on the web hosting computer and in browser programs (like Netscape and Internet Explorer) used by the internet public.

See the left side panel for information on how shared secure certificates work.

SSL Overview from the Customer's Browser viewpoint

  1. Browser checks the certificate to make sure that the site you are connecting to is the real site and not someone intercepting.
  2. Determine encryption types that the browser and web site server can both use to understand each other.
  3. Browser and Server send each other unique codes to use when scrambling (or encrypting) the information that will be sent.
  4. The browser and Server start talking using the encryption, the web browser shows the encrypting icon, and web pages are processed secured.
Detailed SSL/HTTPS:
See our detailed step-by-step SSL walk-through including diagrams and sidebars on items like cyphers and man-in-the-middle attacks.
Click here for our detailed SSL/HTTPS walk through >>

About IP addresses and SSL: Though your SSL certificate is bound to your fully qualified domain name (encrypted into the certificate request and registerd when you purchase your certificate) web servers link the certificate to the IP address. The result is that if you attempt to have more than one SSL certificate associated with the same IP address (in the case of virtual hosting) you may get undesired results.

Typically the certificate that will be used for the IP address, no matter which domain you attempt to access, will be the first one in the web server's configuration file. This is important to note for the web site owner because many of the budget and free web hosting services do not give you your own IP address.

Getting a unique IP address for an SSL certificate is usually the main factor in extra pricing for secure hosting on the budget web hosts and can often increase your pricing past that of a full service host. Even with full service web hosts if you need seperate certificates for multiple domains you will often need to open individual accounts for each so that they have their own IP addresses. On the other hand, since the certificate itself is not linked to the IP address you can usually move the certificate from one web host to another (as long as you have a unique IP address at the new host).

Our Detailed How does SSL work pages include additional IP address notes in the sidebars.

What does the typical merchant need to know about how SSL works?

Though it is good to answer the "How does SSL work?" question (see the steps on the following pages) the typical merchant really needs to only be concerned with how to get a secure certificate and making sure that he/she is using a valid and current ssl certificate (step 2.03) and what URL to use when creating secure links. SSL certificates are purchased from various certificate vendors and it requires a CSR (Certificate Signing Request) to be generated on the web server. This usually involves getting in touch with the hosting company and asking them to generate the CSR for you. After your receive the CSR (which looks like an encrypted block of undecipherable text) you can order your certificate from the SSL certificate provider. Once you receive the SSL certifcate back from the certificate authority, you will normally need the hosting company to install it for you.

You also need to be sure that your hosting account will allow an SSL certificate. The primary factor is a unique IP address (as stated above). If not documented on your web host's web site, it is a good idea to contact them directly. You want to know a) whether or not your account can handle its own certificate and b) what additional costs are involved.

After the web host installs the new certificate on the web server the merchant/designer will need to be sure that the desired secure pages are called using "https://" in their links. All components on the page should either use a relative path (without https or http) or "https://" in order to avoid browser messages saying that some items are not secure. Addressing additional page items (such as images) using a relative path will default to the same protocol used when the page was displayed.

Some web hosting companies have "shared" SSL certificates that you can use under their domain name. This eliminates the need for you to get your own. As an example, if OurShop.com were a web hosting company and xyz.com had an account there, they could use the shared certificate with a URL something like "https://xyz.ourshop.com". A merchant that prefers to have their secure processing under their own domain name will need to get their own SSL certificate. Click Here for our How does shared ssl work? page.

Our SSL certificate provider recommendation page can help you understand which SSL certificate provider is right for you. This page can be found by clicking here.

Need more answers on SSL? Try a Google search from here:

Are you looking for a comparison of the primary SSL certificate providers?

Click here to take see our SSL Provider Summary.

 About Merchant and
 Gateway Accounts

 Selecting a web host


Kindle Edition!


[ OurShop.com Web Site Hosting Resources for E-commerce Companies - Home ] 14:48:27

Site Map ]   
Copyright © 2011 OurShop.com Merchant Resources